CODEWITHSUNDEEP
phpemailforms
Jacob23
Jacob23

Reputation: 11

Problem with php form

I have been asked by a friend to amend some code for his contact form. I don't know php so this is proving quite difficult. I know fluent HTML and CSS though.

The form needs to send name and email details to his email AND redirect to a thank you page. The redirect works fine as does all of the errors etc but it won't send any mail! This is the code:

<?php 
if(isset($_POST['txtName'])){

$sql = "SELECT * FROM tbl_ezine WHERE email = '$_POST[txtEmail]'";
$result = dbQuery($sql);
$numRows = dbNumRows($result);
if($numRows > 0){
echo "<script>window.location = 'http://www.thankyoupageishere.com';</script>";
}else{

if($_POST['txtEmail'] != "" && $_POST['txtEmail'] != "Email Address"){

$searchfor = "@";
$searchfor2 = ".";

$find1 = strpos($_POST['txtEmail'],$searchfor); // CHECK IF EMAIL CONTAINS @ SYMBOL
$find2 = strpos($_POST['txtEmail'],$searchfor2); // CHECK IF EMAIL CONTAINS . SYMBOL


if($find1 === false || $find2 === false) {
 // string needle NOT found in haystack
$errorStr = "Invalid email format.";
}
else {
 // string needle found in haystack
$sql = "INSERT INTO tbl_ezine (username, email, event) VALUES ('$_POST[txtName]', '$_POST[txtEmail]', 'hop')";
$result = dbQuery($sql);    
echo "<script>window.location = 'http://www.thankyoupageishere.com';</script>";
}


}else{// FIELDS ARE BLANK OR UNCHANGED
    $errorStr = "Please enter your name and email to continue.";
}
}
}

?>

<div id="content" class="hop" style="min-height:220px;">

<div id="body" style="min-height:200px;padding-right:340px;">
    <h2>Sign up to download your photos</h2>
    <p>Complete the registration form</p>
<?php 
if($errorStr != ""){echo "<p style=\"color:#F00;\">" . $errorStr . "</p>";}
?>
<form name="hop" class="competition" method="post" action="">
        <input type="text" value="Name" class="contact-name" name="txtName" /> <input type="text" value="Email Address" class="contact-email" name="txtEmail" /> <input type="submit" value="SUBMIT&gt;" class="submit" /></form>
</div>

Can someone tell me where I enter the email details!

Thanks.

Upvotes: 1

Views: 129

Answers (4)

T4u
T4u

Reputation: 291

where is your mail function?

you should use php's mail function to send emails.

htmlspecialchars() will make the input secure, because you want to avoid xss and sql injections . Dont ever develop something as insecure as the code you posted.

$name=htmlspecialchars($_POST['txtName'],ENT_QUOTES); 
$email=htmlspecialchars($_POST['txtEame'],ENT_QUOTES);
mail("[email protected]","(subject) A new mail","name: $name , email: $email");

Upvotes: 2

psx
psx

Reputation: 4048

You could try: (replace the 2 variables with the content you want). I also fixed a few incorrect uses of the $_POST array (you forgot the single quotes around txtEmail in places)

    <?php 
if(isset($_POST['txtName'])){

$sql = "SELECT * FROM tbl_ezine WHERE email = '". $_POST['txtEmail'] . "'";
$result = dbQuery($sql);
$numRows = dbNumRows($result);
if($numRows > 0){
//************ EDIT THESE ****************
$subject = "Your email subject";
$message = "Your email message";
//****************************************
mail($_POST['txtEmail'], $subject, $message);


echo "<script>window.location = 'http://www.thankyoupageishere.com';</script>";
}else{

if($_POST['txtEmail'] != "" && $_POST['txtEmail'] != "Email Address"){

$searchfor = "@";
$searchfor2 = ".";

$find1 = strpos($_POST['txtEmail'],$searchfor); // CHECK IF EMAIL CONTAINS @ SYMBOL
$find2 = strpos($_POST['txtEmail'],$searchfor2); // CHECK IF EMAIL CONTAINS . SYMBOL


if($find1 === false || $find2 === false) {
 // string needle NOT found in haystack
$errorStr = "Invalid email format.";
}
else {
 // string needle found in haystack
$sql = "INSERT INTO tbl_ezine (username, email, event) VALUES ('". $_POST['txtName']."', '".$_POST['txtEmail'].'", 'hop')";
$result = dbQuery($sql);    
echo "<script>window.location = 'http://www.thankyoupageishere.com';</script>";
}


}else{// FIELDS ARE BLANK OR UNCHANGED
    $errorStr = "Please enter your name and email to continue.";
}
}
}

?>

<div id="content" class="hop" style="min-height:220px;">

<div id="body" style="min-height:200px;padding-right:340px;">
    <h2>Sign up to download your photos</h2>
    <p>Complete the registration form</p>
<?php 
if($errorStr != ""){echo "<p style=\"color:#F00;\">" . $errorStr . "</p>";}
?>
<form name="hop" class="competition" method="post" action="">
        <input type="text" value="Name" class="contact-name" name="txtName" /> <input type="text" value="Email Address" class="contact-email" name="txtEmail" /> <input type="submit" value="SUBMIT&gt;" class="submit" /></form>
</div>

Upvotes: 0

Kumar
Kumar

Reputation: 5147

$sql = "INSERT INTO tbl_ezine (username, email, event) VALUES ('$_POST[txtName]', '$_POST[txtEmail]', 'hop')";
$result = dbQuery($sql);    
/*send mail here*/
mail($_POST[txtEmail], 'Your email subject', 'your email content here', "From: [email protected]\r\n");
echo "<script>window.location = 'http://www.thankyoupageishere.com';</script>";

But, before you go and make this code live,I would suggest you to use some readymade script. For example, $_POST[txtEmail] should be $_POST['txtEmail']. You are not filtering user input. Unsafe user input is a security hole. IMHO, if you do not have any interest in learning PHP or programming hire some freelance for 10$ to do the script rather than doing it yourself and landing in trouble.

Upvotes: 0

psx
psx

Reputation: 4048

It won't send any email because you haven't used the php mail() command anywhere.

You can find the full reference to the function and examples at http://php.net/manual/en/function.mail.php

Upvotes: 0

Related Questions